CVE-2023-40708

The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files.
References
Link Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:opto22:snap_pac_s1_firmware:r10.3b:*:*:*:*:*:*:*
cpe:2.3:h:opto22:snap_pac_s1:-:*:*:*:*:*:*:*

History

11 Sep 2024, 16:15

Type Values Removed Values Added
CWE CWE-284 CWE-1188

29 Aug 2023, 23:33

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
CPE cpe:2.3:o:opto22:snap_pac_s1_firmware:r10.3b:*:*:*:*:*:*:*
cpe:2.3:h:opto22:snap_pac_s1:-:*:*:*:*:*:*:*
CWE NVD-CWE-Other
First Time Opto22 snap Pac S1
Opto22
Opto22 snap Pac S1 Firmware
References (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02 - (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02 - Third Party Advisory, US Government Resource

24 Aug 2023, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-24 17:15

Updated : 2024-09-11 16:15


NVD link : CVE-2023-40708

Mitre link : CVE-2023-40708

CVE.ORG link : CVE-2023-40708


JSON object : View

Products Affected

opto22

  • snap_pac_s1_firmware
  • snap_pac_s1
CWE
NVD-CWE-Other CWE-1188

Insecure Default Initialization of Resource